{"id":24900,"date":"2024-07-16T07:10:13","date_gmt":"2024-07-16T15:10:13","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/07\/16\/news-18630\/"},"modified":"2024-07-16T07:10:13","modified_gmt":"2024-07-16T15:10:13","slug":"news-18630","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/07\/16\/news-18630\/","title":{"rendered":"AI device Rabbit r1 logged user interactions without an option to erase them before selling"},"content":{"rendered":"\n<p>Rabbit, the manufacturer of the Artificial Intelligence (AI) assistant r1 has issued a <a href=\"https:\/\/www.rabbit.tech\/security-advisory-071124\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">security advisory<\/a> telling users it&#8217;s found a potential security risk. If a user loses or sells their device, a person in possession of the r1 could potentially jailbreak the device and gain access to files that contain logging information, chats, and photos.<\/p>\n<p>To tackle the potential problem with sensitive data being left behind on the r1, Rabbit has taken the following measures:<\/p>\n<ul>\n<li>A factory reset option is now available in the settings menu that lets you erase all data from the r1 prior to transferring ownership.<\/li>\n<li>Pairing data is no longer logged to the device.<\/li>\n<li>The amount of log data that gets stored on the device has been reduced.<\/li>\n<li>Pairing data can no longer be used to read from the user&#8217;s Rabbithole journal section. It can only trigger actions.<\/li>\n<\/ul>\n<p>Rabbit also says it is performing a full review of device logging practices to check whether additional technical controls are needed.<\/p>\n<p>If you have an r1, you don&#8217;t need to do anything as the fix will be downloaded and installed automatically. While most updates to the r1 do not require any action of the user, updates that require you to accept them, including new features and more supported apps, will happen via over-the-air updates. For these, follow the prompt on your r1, make sure you\u2019re connected to WiFi and a power source, and wait for it to update.<\/p>\n<p>For those not familiar with the concept, the Rabbit r1 is an AI-powered gadget that can manage the use of your apps for you. It\u2019s a standalone gadget with a 2.88-inch touchscreen, a rotating camera for taking photos and videos, and a scroll wheel\/button designed to navigate the menu or allow you to talk to the built-in AI.<\/p>\n<p>The Rabbithole mentioned earlier is an all-in-one web portal to manage the relationship with rabbit OS, and the device that you pair the r1 to. The Rabbit r1 uses a Large Action Model (LAM) to translate the user&#8217;s voice into actions on the device it&#8217;s paired with, whether that\u2019s a handheld device, like a phone, or a desktop computer.<\/p>\n<p>It\u2019s still pretty much a project under development. Right now, the Rabbit r1 can answer questions, call an Uber, order DoorDash, play music on Spotify, translate speech, generate images on Midjourney, identify nearby objects with its camera and record voice memos. Nothing your phone can\u2019t do, but Rabbit promises more options on the horizon and claims that all these actions are easier to accomplish when you\u2019re using the r1.<\/p>\n<p>The journal section of the Rabbithole web portal shows any visual searches you&#8217;ve conducted using the r1&#8217;s camera and voice memos you&#8217;ve recorded.<\/p>\n<p>Rabbit says there\u2019s no indication that pairing data has been abused to retrieve Rabbithole journal data belonging to a former device owner. Yet the possibility exists, and it\u2019s good that users now have the ability to erase all data before selling the device. However, this doesn&#8217;t solve the issue if the r1 is stolen or lost.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<p><strong>We don&#8217;t just report on threats &#8211; we help safeguard your entire digital identit<\/strong>y<\/p>\n<p>Cybersecurity risks should never spread beyond a headline. Protect your\u2014and your family&#8217;s\u2014personal information by using <a href=\"https:\/\/www.malwarebytes.com\/identity-theft-protection\">identity protection<\/a>.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<h2 class=\"wp-block-heading\" id=\"h-summer-mega-sale\">Summer mega sale<\/h2>\n<p>Go into your vacation knowing you&#8217;re much more secure: This summer you can get a huge <a href=\"https:\/\/try.malwarebytes.com\/summer-mega-sale\/blog\"><strong>50%\u00a0off\u00a0a Malwarebytes Standard subscription<\/strong> or <strong>Malwarebytes Identity bundle<\/strong><\/a>. Run, don&#8217;t walk!<\/p>\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-1 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link has-white-color has-blue-background-color has-text-color has-background has-link-color wp-element-button\" href=\"https:\/\/try.malwarebytes.com\/summer-mega-sale\/blog\/\"><strong>SAVE 5<\/strong>0<strong>% TODAY<\/strong><\/a><\/div>\n<\/p><\/div>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/07\/ai-device-rabbit-r1-logged-user-interactions-without-an-option-to-erase-them-before-selling-device\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> Rabbit has introduced an option to erase all data from the r1 device before selling it on, but what if you lose it or it gets stolen? <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[32,31687,5897,31403,31688],"class_list":["post-24900","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-news","tag-pairing-data","tag-privacy","tag-rabbit-r1","tag-rabbithole"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24900","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24900"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24900\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24900"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24900"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24900"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}